simple_admin_auth 0.0.1
- data/.gitignore +17 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +34 -0
- data/Rakefile +1 -0
- data/lib/simple_admin_auth/application.rb +75 -0
- data/lib/simple_admin_auth/authenticated.rb +26 -0
- data/lib/simple_admin_auth/builder.rb +15 -0
- data/lib/simple_admin_auth/login_redirect.rb +23 -0
- data/lib/simple_admin_auth/version.rb +3 -0
- data/lib/simple_admin_auth.rb +9 -0
- data/simple_admin_auth.gemspec +23 -0
- data/static/css/bootstrap.min.css +868 -0
- metadata +108 -0
data/.gitignore
ADDED
data/Gemfile
ADDED
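--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2013 Ralf Kistner
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.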
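--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,34 @@
+# SimpleAdminAuth
+
+Add simple admin authentication to any Rails application, using Google Apps for authentication.
+
+Authentication is done purely on the Google Apps domain - no user model is used.
+
+## Usage
+
+Add this line to your application's Gemfile:
+
+gem 'simple_admin_auth'
+
+Create an initialiser configuring your domain:
+
+Rails.application.config.middleware.use SimpleAdminAuth::Builder do
+provider :google_apps, :domain => 'yourdomain.com', :name => 'admin'
+end
+
+Protect any routes that require authentication:
+
+constraints SimpleAdminAuth::Authenticate do
+mount MongoRequestLogger::Viewer, :at => "/log"
+end
+
+An user may be logged out by linking to `/auth/admin/logout`, or by clearing `session[:admin_user]`.
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request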
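--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1 @@
+require "bundler/gem_tasks"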
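--- a/data/lib/simple_admin_auth/application.rb
+++ b/data/lib/simple_admin_auth/application.rb
@@ -0,0 +1,75 @@
+require 'sinatra'
+
+module SimpleAdminAuth
+class Application < Sinatra::Base
+enable :inline_templates
+set :raise_errors, true
+set :show_exceptions, false
+
+def self.get_or_post(path, opts={}, &block)
+get(path, opts, &block)
+post(path, opts, &block)
+end
+
+get_or_post '/auth/admin/callback' do
+auth_hash = request.env['omniauth.auth']
+puts auth_hash.inspect
+session[:admin_user] = auth_hash['info']
+
+return_url = session[:admin_login_return_url] || '/'
+session[:admin_login_return_url] = nil
+if admin?
+redirect return_url
+else
+throw(:halt, [401, "Not authorized\n"])
+end
+end
+
+get '/auth/admin/logout' do
+return_to = params[:return_to] || '/'
+session[:admin_user] = nil
+redirect return_to
+end
+
+get '/auth/admin/login' do
+erb :login
+end
+
+get '/auth/admin/bootstrap.css' do
+send_file File.join(File.dirname(__FILE__), '../../static/css/bootstrap.min.css')
+end
+
+private
+
+
+def admin?
+!session[:admin_user].nil?
+end
+end
+end
+
+__END__
+
+@@ login
+<html>
+<head><title>Admin Login</title>
+<link rel="stylesheet" href="http://localhost:3000/auth/admin/bootstrap.css" />
+<style type="text/css">
+body {
+background-color: #F9F9F9;
+}
+
+#content {
+text-align: center;
+margin: 200px auto;
+}
+</style>
+</head>
+<body>
+<div id="content">
+<p>You need to sign in to continue.</p>
+<a class="btn btn-large" href="/auth/admin">Sign in via Google Apps</a>
+</div>
+
+</body>
+</html>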
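Review bot: The `/auth/admin/logout` route passes `params[:return_to]` straight to `redirect`, so any link to the logout URL can send the browser to an arbitrary external site (an open redirect). Restrict it to same-site paths, for example `return_to = params[:return_to].to_s` followed by `return_to = '/' unless return_to =~ %r{\A/(?![/\\])}`. In the callback route, `puts auth_hash.inspect` writes the full OmniAuth hash (user details and whatever else the strategy returns) to stdout on every login and should be dropped or reduced to a single non-sensitive field. The same route dereferences `auth_hash['info']` without checking that `request.env['omniauth.auth']` is present, so a direct request to the callback path raises `NoMethodError` rather than returning the 401. The login template also hard-codes `http://localhost:3000/auth/admin/bootstrap.css`; a relative `href="/auth/admin/bootstrap.css"` would work outside local development.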
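--- a/data/lib/simple_admin_auth/authenticated.rb
+++ b/data/lib/simple_admin_auth/authenticated.rb
@@ -0,0 +1,26 @@
+module SimpleAdminAuth
+def self.authenticate &block
+constraints(Authenticate) do
+yield
+end
+end
+
+class Authenticate
+def self.matches?(request)
+if !request.session[:admin_user].nil?
+true
+else
+request.session[:admin_login_return_url] = request.url
+raise RedirectException.new('/auth/admin/login')
+end
+
+end
+end
+
+
+class Unauthenticated
+def self.matches?(request)
+!Authenticated.matches?(request)
+end
+end
+end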
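Review bot: `Unauthenticated.matches?` calls `Authenticated.matches?`, but the class defined in this file is `Authenticate`, so the constraint raises `NameError` as soon as it is evaluated. Renaming the reference alone is not enough: `Authenticate.matches?` raises `RedirectException` instead of returning false, so the negation could never be true. The check should read the session directly, `request.session[:admin_user].nil?`. Separately, `SimpleAdminAuth.authenticate` calls `constraints` on the module itself, where no such method is visible on this page; it looks like it was meant to run inside the Rails routes block, which should be confirmed or the helper removed.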
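--- a/data/lib/simple_admin_auth/builder.rb
+++ b/data/lib/simple_admin_auth/builder.rb
@@ -0,0 +1,15 @@
+require 'omniauth'
+require 'omniauth/builder'
+require 'omniauth/strategies/google_apps'
+require 'simple_admin_auth/application'
+
+module SimpleAdminAuth
+class Builder < OmniAuth::Builder
+def initialize(*args)
+super(*args)
+
+use SimpleAdminAuth::LoginRedirect
+use SimpleAdminAuth::Application
+end
+end
+end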
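Review bot: `use SimpleAdminAuth::LoginRedirect` references a class this file never loads; only `simple_admin_auth/application` is required here. The body of lib/simple_admin_auth.rb is not shown on this page, so unless it requires login_redirect before the Builder is constructed, the initialiser fails with `NameError`. Adding `require 'simple_admin_auth/login_redirect'` beside the existing require makes the file independent of load order. A short comment above the two `use` calls, stating that they are appended after the provider block so the OmniAuth strategy sits outermost, would also document the ordering the callback route depends on.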
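--- a/data/lib/simple_admin_auth/login_redirect.rb
+++ b/data/lib/simple_admin_auth/login_redirect.rb
@@ -0,0 +1,23 @@
+module SimpleAdminAuth
+class LoginRedirect
+def initialize(app, options={})
+@app = app
+end
+
+def call(env)
+begin
+@app.call(env)
+rescue RedirectException => e
+[302, {"Location" => e.url}, ["Redirecting..."]]
+end
+end
+end
+
+class RedirectException < Exception
+attr_reader :url
+
+def initialize(url)
+@url = url
+end
+end
+end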
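Review bot: `RedirectException` inherits from `Exception` rather than `StandardError`, which puts a control-flow signal in the same family as `SystemExit` and `NoMemoryError` and makes it invisible to every ordinary `rescue => e` between the routing constraint and this middleware. If that is deliberate, so intermediate handlers cannot swallow the login redirect, say so in a comment above the class; otherwise use `class RedirectException < StandardError`. Its `initialize` never calls `super`, so the exception carries no message if it ever escapes `LoginRedirect`; `super("redirect to #{url}")` would make a stray one diagnosable in logs. The `options={}` parameter of `LoginRedirect#initialize` is unused.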
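--- a/data/simple_admin_auth.gemspec
+++ b/data/simple_admin_auth.gemspec
@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'simple_admin_auth/version'
+
+Gem::Specification.new do |gem|
+gem.name = "simple_admin_auth"
+gem.version = SimpleAdminAuth::VERSION
+gem.authors = ["Ralf Kistner"]
+gem.email = ["ralf@embarkmobile.com"]
+gem.description = %q{Add simple admin authentication to any Rails application, using Google Apps for authentication.}
+gem.summary = %q{Simple admin authentication using Google Apps}
+gem.homepage = ""
+
+gem.files = `git ls-files`.split($/)
+gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
+gem.require_paths = ["lib"]
+
+gem.add_dependency 'omniauth'
+gem.add_dependency 'omniauth-google-apps'
+gem.add_dependency 'sinatra'
+end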
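Review bot: The three `gem.add_dependency` lines declare `omniauth`, `omniauth-google-apps` and `sinatra` with no version constraint, so an application installing this authentication gem resolves to whatever release of each is newest, including future major versions with different callback or session behaviour. Bound each one to the series the code was tested against, in the form `gem.add_dependency 'omniauth', '~> X.Y'` (X.Y is a placeholder; the tested versions are not shown on this page). `gem.homepage = ""` also leaves consumers with no source location to audit; pointing it at the repository would help.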